Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4988 to the following vulnerability: Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. References: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597 http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html http://www.imagemagick.org/script/changelog.php http://www.securityfocus.com/bid/25765 http://www.frsirt.com/english/advisories/2007/3245 http://www.securitytracker.com/id?1018729 http://secunia.com/advisories/26926 http://xforce.iss.net/xforce/xfdb/36737
RHEL-2.1 is not affected, it did not contain the DIB coder.
Created attachment 241681 [details] backported patch from Jonathan Smith
Created attachment 241701 [details] Needed for backport
Created attachment 241711 [details] needed for backport
Doesn't Affect: RHEL2.1 (no dib support) Affects: RHEL3 Affects: RHEL4 Affects: RHEL5
Created attachment 278181 [details] ImageMagick-5.5.6-CVE-2007-4988.patch Backported patch for 5.5.6 (as used in RHEL-3)
The patches from comment 5 and 6 are missing the changes to the headers...
Reporter changed to security-response-team by request of Jay Turner.